Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2020-4500.NASLHistoryNov 04, 2020 - 12:00 a.m.
RHEL 8 : bind (RHSA-2020:4500)
2020-11-0400:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.2 High
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.6%
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4500 advisory.
-
bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c (CVE-2020-8619)
-
bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)
-
bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)
-
bind: incorrect enforcement of update-policy rules of type subdomain (CVE-2020-8624)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2020:4500. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(142448);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");
script_cve_id(
"CVE-2020-8619",
"CVE-2020-8622",
"CVE-2020-8623",
"CVE-2020-8624"
);
script_xref(name:"IAVA", value:"2020-A-0276-S");
script_xref(name:"RHSA", value:"2020:4500");
script_xref(name:"IAVA", value:"2020-A-0385-S");
script_name(english:"RHEL 8 : bind (RHSA-2020:4500)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2020:4500 advisory.
- bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c
(CVE-2020-8619)
- bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)
- bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)
- bind: incorrect enforcement of update-policy rules of type subdomain (CVE-2020-8624)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?44b830f6");
# https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_4500.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5308ad11");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#moderate");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:4500");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1693395");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1749505");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1814158");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1817870");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1847244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1848169");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1859454");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869477");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869480");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8624");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(400, 617);
script_set_attribute(attribute:"vendor_severity", value:"Moderate");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/06/17");
script_set_attribute(attribute:"patch_publication_date", value:"2020/11/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-chroot");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-export-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-export-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-libs-lite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-license");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-lite-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-pkcs11-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-sdb-chroot");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bind-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-bind");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel8/8.10/aarch64/appstream/debug',
'content/dist/rhel8/8.10/aarch64/appstream/os',
'content/dist/rhel8/8.10/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/aarch64/baseos/debug',
'content/dist/rhel8/8.10/aarch64/baseos/os',
'content/dist/rhel8/8.10/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/appstream/debug',
'content/dist/rhel8/8.10/ppc64le/appstream/os',
'content/dist/rhel8/8.10/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/baseos/debug',
'content/dist/rhel8/8.10/ppc64le/baseos/os',
'content/dist/rhel8/8.10/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.10/s390x/appstream/debug',
'content/dist/rhel8/8.10/s390x/appstream/os',
'content/dist/rhel8/8.10/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.10/s390x/baseos/debug',
'content/dist/rhel8/8.10/s390x/baseos/os',
'content/dist/rhel8/8.10/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/appstream/debug',
'content/dist/rhel8/8.10/x86_64/appstream/os',
'content/dist/rhel8/8.10/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/baseos/debug',
'content/dist/rhel8/8.10/x86_64/baseos/os',
'content/dist/rhel8/8.10/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/appstream/debug',
'content/dist/rhel8/8.6/aarch64/appstream/os',
'content/dist/rhel8/8.6/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/baseos/debug',
'content/dist/rhel8/8.6/aarch64/baseos/os',
'content/dist/rhel8/8.6/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/appstream/debug',
'content/dist/rhel8/8.6/ppc64le/appstream/os',
'content/dist/rhel8/8.6/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/baseos/debug',
'content/dist/rhel8/8.6/ppc64le/baseos/os',
'content/dist/rhel8/8.6/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.6/s390x/appstream/debug',
'content/dist/rhel8/8.6/s390x/appstream/os',
'content/dist/rhel8/8.6/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.6/s390x/baseos/debug',
'content/dist/rhel8/8.6/s390x/baseos/os',
'content/dist/rhel8/8.6/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/appstream/debug',
'content/dist/rhel8/8.6/x86_64/appstream/os',
'content/dist/rhel8/8.6/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/baseos/debug',
'content/dist/rhel8/8.6/x86_64/baseos/os',
'content/dist/rhel8/8.6/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/appstream/debug',
'content/dist/rhel8/8.8/aarch64/appstream/os',
'content/dist/rhel8/8.8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/baseos/debug',
'content/dist/rhel8/8.8/aarch64/baseos/os',
'content/dist/rhel8/8.8/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/appstream/debug',
'content/dist/rhel8/8.8/ppc64le/appstream/os',
'content/dist/rhel8/8.8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/baseos/debug',
'content/dist/rhel8/8.8/ppc64le/baseos/os',
'content/dist/rhel8/8.8/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.8/s390x/appstream/debug',
'content/dist/rhel8/8.8/s390x/appstream/os',
'content/dist/rhel8/8.8/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.8/s390x/baseos/debug',
'content/dist/rhel8/8.8/s390x/baseos/os',
'content/dist/rhel8/8.8/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/appstream/debug',
'content/dist/rhel8/8.8/x86_64/appstream/os',
'content/dist/rhel8/8.8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/baseos/debug',
'content/dist/rhel8/8.8/x86_64/baseos/os',
'content/dist/rhel8/8.8/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/appstream/debug',
'content/dist/rhel8/8.9/aarch64/appstream/os',
'content/dist/rhel8/8.9/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/baseos/debug',
'content/dist/rhel8/8.9/aarch64/baseos/os',
'content/dist/rhel8/8.9/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/appstream/debug',
'content/dist/rhel8/8.9/ppc64le/appstream/os',
'content/dist/rhel8/8.9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/baseos/debug',
'content/dist/rhel8/8.9/ppc64le/baseos/os',
'content/dist/rhel8/8.9/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.9/s390x/appstream/debug',
'content/dist/rhel8/8.9/s390x/appstream/os',
'content/dist/rhel8/8.9/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.9/s390x/baseos/debug',
'content/dist/rhel8/8.9/s390x/baseos/os',
'content/dist/rhel8/8.9/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/appstream/debug',
'content/dist/rhel8/8.9/x86_64/appstream/os',
'content/dist/rhel8/8.9/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/baseos/debug',
'content/dist/rhel8/8.9/x86_64/baseos/os',
'content/dist/rhel8/8.9/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8/aarch64/appstream/debug',
'content/dist/rhel8/8/aarch64/appstream/os',
'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8/aarch64/baseos/debug',
'content/dist/rhel8/8/aarch64/baseos/os',
'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8/ppc64le/appstream/debug',
'content/dist/rhel8/8/ppc64le/appstream/os',
'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8/ppc64le/baseos/debug',
'content/dist/rhel8/8/ppc64le/baseos/os',
'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8/s390x/appstream/debug',
'content/dist/rhel8/8/s390x/appstream/os',
'content/dist/rhel8/8/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8/s390x/baseos/debug',
'content/dist/rhel8/8/s390x/baseos/os',
'content/dist/rhel8/8/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8/x86_64/appstream/debug',
'content/dist/rhel8/8/x86_64/appstream/os',
'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8/x86_64/baseos/debug',
'content/dist/rhel8/8/x86_64/baseos/os',
'content/dist/rhel8/8/x86_64/baseos/source/SRPMS'
],
'pkgs': [
{'reference':'bind-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-chroot-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-devel-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-export-devel-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-export-libs-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-libs-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-libs-lite-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-license-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-lite-devel-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-pkcs11-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-pkcs11-devel-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-pkcs11-libs-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-pkcs11-utils-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-sdb-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-sdb-chroot-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'bind-utils-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'},
{'reference':'python3-bind-9.11.20-5.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'32'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind / bind-chroot / bind-devel / bind-export-devel / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 8 | cpe:/o:redhat:enterprise_linux:8 |
| redhat | enterprise_linux | bind | p-cpe:/a:redhat:enterprise_linux:bind |
| redhat | enterprise_linux | bind-chroot | p-cpe:/a:redhat:enterprise_linux:bind-chroot |
| redhat | enterprise_linux | bind-devel | p-cpe:/a:redhat:enterprise_linux:bind-devel |
| redhat | enterprise_linux | bind-export-devel | p-cpe:/a:redhat:enterprise_linux:bind-export-devel |
| redhat | enterprise_linux | bind-export-libs | p-cpe:/a:redhat:enterprise_linux:bind-export-libs |
| redhat | enterprise_linux | bind-libs | p-cpe:/a:redhat:enterprise_linux:bind-libs |
| redhat | enterprise_linux | bind-libs-lite | p-cpe:/a:redhat:enterprise_linux:bind-libs-lite |
| redhat | enterprise_linux | bind-license | p-cpe:/a:redhat:enterprise_linux:bind-license |
| redhat | enterprise_linux | bind-lite-devel | p-cpe:/a:redhat:enterprise_linux:bind-lite-devel |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624
www.nessus.org/u?44b830f6
www.nessus.org/u?5308ad11
access.redhat.com/errata/RHSA-2020:4500
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1693395
bugzilla.redhat.com/show_bug.cgi?id=1749505
bugzilla.redhat.com/show_bug.cgi?id=1814158
bugzilla.redhat.com/show_bug.cgi?id=1817870
bugzilla.redhat.com/show_bug.cgi?id=1847244
bugzilla.redhat.com/show_bug.cgi?id=1848169
bugzilla.redhat.com/show_bug.cgi?id=1859454
bugzilla.redhat.com/show_bug.cgi?id=1869473
bugzilla.redhat.com/show_bug.cgi?id=1869477
bugzilla.redhat.com/show_bug.cgi?id=1869480
Related
nessus
nessus
Oracle Linux 8 : bind (ELSA-2020-4500)
2020-11-12 00:00:00
Debian DSA-4752-1 : bind9 - security update
2020-08-28 00:00:00
NewStart CGSL MAIN 6.02 : bind Multiple Vulnerabilities (NS-SA-2021-0064)
2021-03-10 00:00:00
debian
debian
[SECURITY] [DSA 4752-1] bind9 security update
2020-08-27 18:05:23
[SECURITY] [DSA 4752-1] bind9 security update
2020-08-27 18:05:23
[SECURITY] [DLA 2355-1] bind9 security update
2020-08-29 21:30:34
openvas
openvas
Debian: Security Advisory (DSA-4752-1)
2020-08-28 00:00:00
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2020-a02b7a0f21)
2020-09-02 00:00:00
Fedora: Security Advisory for bind (FEDORA-2020-a02b7a0f21)
2020-09-02 00:00:00
redhat
redhat
(RHSA-2020:4500) Moderate: bind security, bug fix, and enhancement update
2020-11-03 12:10:19
(RHSA-2020:5203) Moderate: bind security update
2020-11-24 09:50:37
(RHSA-2020:5011) Moderate: bind security and bug fix update
2020-11-10 09:39:22
osv
osv
bind9 - security update
2020-08-27 00:00:00
bind9 - security update
2020-08-29 00:00:00
CVE-2020-8624
2020-08-21 21:15:12
fedora
fedora
[SECURITY] Fedora 32 Update: bind-9.11.22-1.fc32
2020-08-26 14:53:13
[SECURITY] Fedora 32 Update: bind-dyndb-ldap-11.3-2.fc32
2020-08-26 14:53:14
[SECURITY] Fedora 31 Update: bind-dyndb-ldap-11.2-4.fc31
2020-08-29 16:31:21
altlinux
altlinux
Security fix for the ALT Linux 10 package bind version 9.11.22-alt1
2020-08-21 00:00:00
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt3
2020-08-24 00:00:00
Security fix for the ALT Linux 9 package bind version 9.11.22-alt1
2020-08-26 00:00:00
centos
centos
bind security update
2020-11-18 17:37:54
bind security update
2020-11-09 13:16:02
ibm
ibm
amazon
amazon
oraclelinux
oraclelinux
bind security and bug fix update
2020-11-17 00:00:00
bind security, bug fix, and enhancement update
2020-11-10 00:00:00
bind security update
2021-03-02 00:00:00
slackware
slackware
[slackware-security] bind
2020-08-21 21:02:31
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-1.0-0320
2020-09-04 00:00:00
Important Photon OS Security Update - PHSA-2020-0320
2020-09-11 00:00:00
Important Photon OS Security Update - PHSA-2020-0135
2020-09-10 00:00:00
mageia
mageia
Updated bind packages fix security vulnerability
2021-01-17 19:07:01
cisa
cisa
ISC Releases Security Advisories for BIND
2020-08-21 00:00:00
ubuntu
ubuntu
Bind vulnerabilities
2020-08-21 00:00:00
Bind vulnerability
2020-08-24 00:00:00
gentoo
gentoo
BIND: Multiple vulnerabilities
2020-08-29 00:00:00
suse
suse
Security update for bind (moderate)
2020-10-20 00:00:00
Security update for bind (moderate)
2020-10-19 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-8624 affecting package bind 9.16.3-3
2020-10-08 18:09:52
CVE-2020-8623 affecting package bind 9.16.3-3
2020-10-08 18:09:52
CVE-2020-8622 affecting package bind 9.16.3-3
2020-10-08 18:09:52
f5
f5
K82252291 : BIND vulnerability CVE-2020-8623
2020-08-25 00:00:00
K91090139 : BIND vulnerability CVE-2020-8624
2020-08-25 00:00:00
K02663161 : BIND vulnerability CVE-2020-8622
2020-08-27 00:00:00
prion
prion
Design/Logic Flaw
2020-08-21 21:15:00
Code injection
2020-08-21 21:15:00
Design/Logic Flaw
2020-06-17 22:15:00
alpinelinux
alpinelinux
cvelist
cvelist
aix
aix
ubuntucve
ubuntucve
veracode
veracode
Privilege Escalation
2020-08-31 04:08:32
Denial Of Service (DoS)
2020-08-31 04:08:31
freebsd
freebsd
BIND -- Remote Denial of Service vulnerability
2020-06-17 00:00:00
nvd
nvd
cve
cve
debiancve
debiancve
CVE-2020-8623
2020-08-21 21:15:12
CVE-2020-8624
2020-08-21 21:15:12
redhatcve
redhatcve
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.2 High
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.6%
Related for REDHAT-RHSA-2020-4500.NASL